16 , 32 , 64 and 128 are used.
Part of the original IEEE 802.3 standard for 10BaseT, 10BaseT is the 10Mb/s baseband Ethernet specification.
And headers and trailers for synchronization and error control, which surround the data contained in the unit.
100Mb/s baseband Fast Ethernet specification. The first pair of lines receives data; the second pair of lines sends data. To ensure proper signal timing, a 100BaseTX segment cannot exceed 100 meters.
WAN type and encapsulation protocol :
Or hub port duplex.
Handshake ( handshake ) to ensure synchronous transmission of a series of operations exchanged between two or more devices on a network.
degree.
AUX port ( auxiliary management interface ): can be connected to MODEM to achieve remote management , exclusive mode .
There are two types of ACLs :
In user mode and privileged mode.
If the router does not store the loopback , select the highest IP from the physical interface as the RouterID (the interface must be active )
=========================================================== ===============
Bridge ( bridge ) two devices connected to the network and transmit data packets therebetween. Both paragraphs must use the same
1. Use hop count as a metric 2. Support up to 6 paths for the average load (default set to 4) 3. Periodic notification time : 30s
IGPs: Internal Gateway Routing Protocol , which maintains routes within an autonomous system
accounting ( statistics ) ----- AAA one of the three components. Statistics provide auditing and recording skills for security models
R14(config)#interface bri 0
Management distance: Determine which routing protocol generates routes will be adopted by the router. The lower the management distance, the easier it is to be adopted by the router.
4. Notification method : Broadcast (RIPv1, IGRP) rule mechanism :
A bit set by the network that informs the DTE receiver that congestion is encountered along the path from the source to the destination. Received FECN bit
=========================================================== ===============
reload reload Router ( restart )
Habitat Cisco equipment, the Cisco hardware type of equipment being used, the software version and active port. It uses SNAP frames between devices and is not routable.
Switch function:
The node automatically performs the diagnosis and attempts to reconfigure the network by bypassing the failed area.
OSPF uses IP packets for route advertisement and learning , Protocol Number : 89
frameing ( framing ) the OSI package on model data link layer. It's called framing because the packet is used
0x0 indicates that the router is going to enter the Rom monitor mode.
A (config-if) #ip rip authentication key-chain A selected A key chain
destination address ( destination address ) receiving a data packet network device address.
cut-through frame switching ( straight-frame exchange ) A frame of data flowing through the switch switching technology
The credibility value of the source. The smaller the value, the higher the level of credibility.
BGP4 .
Encapsulation frame-relay
Is a point-to-multipoint connection. See control directVCC .
=========================================================== ===============
Spanning-tree vlan 1 priority ? Modify the priority of the switch to change the cost cost of the interface
ATG Address Translation Gateway (Address Translation Gateway) ----- Cisco DECnet routing software is a mechanism that allows the router route multiple, independent DECnet networks and to establish a user-specified address into a network between the selected nodes.
=========================================================== ===============
frame tagging ( frame flag ) see Frame Identification .
1.Down 2.Init 3.Two-Way 4.ExStart
frame types ( frame type ) the LAN in a frame is used to determine how to put on the local network. Ethernet
Show spanning-tree brief to view the spanning tree status (3500xl) (2950/3550 : show spanning-tree)
A series of actions performed immediately to determine if a connection request violates the QoS guarantee for establishing a connection . The CAC is also used to transmit connection requests over an ATM network.
Exchange routing information between systems.
VTP is a messaging system . Ensures that all of the switches in the same management domain below network VLAN
Checksum ( checksum ) ----- a test for ensuring the integrity of transmitted data. It is a number calculated from a series of values through a series of mathematical functions. It is usually placed at the end of the data from which it is calculated and then recalculated at the receiving end for confirmation. Compare CRC.
PPP 's own password configuration
Anycast----- An ATM address that can be shared by multiple end systems, allowing requests to be sent to a node that provides special services.
Frame-relay route 120 interface Serial0 110
show version to view router 's configuration register
guard band ( guard band ) two communication channels between a frequency region not used to provide the necessary space to avoid interference therebetween.
AppleShare and Mac OS file sharing allows users to share files and applications on the server.
=========================================================== ===============
Fast Ethernet ( Fast Ethernet ) ---- speed 100Mb/s Ethernet specification. Fast Ethernet ratio
Frame Relay ( FR ) ----- the X.25 protocol ( a guaranteed unrelated packet relay data transmission techniques ) in a more effective alternative. Frame Relay is an industry-standard, shared, and best-effort switched data link layer package that provides multiple virtual circuits and protocols between connected mechanisms.
Network 192.168.1.0 0.0.0.3
enable secret sets the enable password stored as ciphertext ( used in preference to the plaintext enable password )
service password-encryption encrypts all cleartext passwords in the system ( weak )
binary ( binary ) by 1 and 0 two methods of counting characters. Binary count is made for all information
A superset of the BootP protocol. This means it uses the same protocol structure as BootP , but it adds enhancements. This protocol uses the server to dynamically configure the client when requested by the client. The two main enhancements are the address pool and lease time.
expedited delivery ( accelerated delivery ) may be the same or other layers of protocol of a different network device in
Variable length subnet mask (VLSM) and supernet are allowed by selection . Protocols that support stepless routing are RIP version 2 ,
BIP bit interleaved parity (Bit Interleaved Parity) ATM are used to monitor the link on the error
=========================================================== ===============
Serial1 is down, Line protocol is down
CGMP Cisco Group Management Protocol (Cisco Group Management Protocol): made Cisco a proprietary protocol developed. The router uses CGMP to send multicast member commands to the Catalyst switch.
EIGRP and OSPF .
Shot as a network address
The method of traffic. Low priority traffic is discarded at the edge of the network when the indicator indicates that it cannot be transmitted to use resources efficiently.
EPROM erasable programmable read-only memory-----
dedicated line ( green ) do not share any bandwidth point to point connection.
Ethernet cable type for switch or switch to hub.
=========================================================== ===============
The three-tier architecture of the network :
The route to the network.
The level is set to 32768 .
flooding ( diffusion ) an interface when receiving traffic it will be transmitted to the originating communication interfaces in addition to the amount of
=========================================================== ===================
Immediate execution , immediate effect
First, a one-way virtual control connection (VCC) established by a LES to an LEC in the ATM . Usually, the VCC
2. Different VLANs cannot communicate directly .
ATP AppleTalk transaction protocol (AppleTalk Transaction Protocol) a transport layer protocol,
Numbered recommended standards in ISDN , SMDS, and BISDN . 2) A flag for the field in the ATM address containing the E.164 format number .
Call setuptime ( call setup time ) affects the length of time required for switched calls between DTE devices
frame identification (frame tagging) ( frame identifier, frame flag ) the VLAN can span multiple connections
Router ospf 1
An octet divided into four points, followed by a forward slash and the number of the masked bit ( abbreviation of the subnet symbol ) . See
Redundant topology , causing " broadcast storm ", " multiple frame reception ", "MAC address table instability ".
Port Console ( control port opening ) the Cisco a typical routers and switches on the RJ-45 ports, with
IGRP uses a 24-bit metric .
Available in four different frame types. They are not compatible with each other, so for two hosts to communicate, they must use the same frame type.
CD carrier detection (carrier detect) indicates that an interface has been activated or a modem-generated connection
CDP packets are sent every 60 seconds. HoldTime is 180 seconds ( each piece of CDP information is kept for 180 seconds ).
A(config-keychain)#key 1 Configure key 1
A(config-keychain-key)#key-string cisco define password
A(config-keychain-key)#exit
There is traffic successfully reaching the destination. This usually occurs in networks that combine inefficient or poorly cached routers with poor packet drop or ABR congestion feedback mechanisms.
Data link layer :
ISDN channel. Compare B channel , E channel and H channel . 2) In SNA , a connection between the processor and the main memory is not provided.
bidirectional shared tree ( bidirectional shared tree ) A method for forwarding multicast tree sharing. This method allows
fragmentation ( segmentation ) when transmitting data on an intermediate medium can not support large network packet size, so
ATMlayer A sublayer of the data link layer in an ATM network that is service independent. for
Bit, Frame, Packet, and Segment are all called : PDU (Protocol Data Unit)
1.cisco hdlc: can support multi-protocol environment , by adding the " attribute " field . 2.standard hdlc: only support single-protocol environment
FEIP Fast Ethernet Interface Processor (Fast Ethernet Interface Processor) Cisco7000 Series Routing
Track all possible paths to a given destination. Also known as a full ring detection package. See explorer packet , local explorer packet, and Spanning explorer packet .
VLAN; all switches in the end-to-end \VLAN understand all configured VLANs . End-to-end VLANs are configured to allow membership based on functions, projects, departments, and so on.
Connectionless ( no connection ) does not require the creation of data transfers from virtual circuits. It has no overhead, try its best
Coaxial cable classification for signaling. Compare baseband.
=========================================================== ===============
connection-oriented ( connection-oriented ) to establish a virtual circuit data before any data transmission
The signal has been established.
The IP address is converted to a MAC address. See RARP .
=========================================================== ===============
FTP file transfer protocol (File Transfer Protocol): used to transfer files between network nodes of TCP / IP
vlan 10 name cisco create VLAN number 10 named CISCO
vlan 20 create VLAN number 20 with a system-assigned name
This part mainly explains vocabulary beginning with F, G and H.
Show hosts shows the current hostname configuration
Encapsulation ( encapsulation ) layered association, the technology used, one layer to the upper layer protocol data unit
Line console 0 to console 0
=========================================================== ===============
The EIA/TIA-232 interface circuit is also busy.
=========================================================== ===============
Connector type : BNC interface , AUI interface , RJ45 interface , SC/ST interface
collision domain ( collision domain ) network area Ethernet frame collision propagating. Conflict
Other bridges operate the same spanning tree algorithm, but allow packet encapsulation to be transmitted over a Frame Relay network.
Packet exchange. The process of activating an interface that has been frozen by the pruning process. It is initiated by an IGMP member report sent to the router .
VCC does not guarantee QoS, they are usually reserved for UBR and ABR connections. Compare control distribute VCC and
A system developed to provide network security. See the authentication . Authorization and accounting
10.1.1.0/255.255.255.0
end-to-end VLANs ( end the VLAN) ----- across the switch fabric (switch-fabric) from end to end
FSIP Fast Serial Interface Processor (Fast Serial Interface Processor) Cisco 7000 Router silent
The protocol layer of the layer communication specifies an option that requires the identified data to be located faster.
The data can exceed the bandwidth normally reserved for the connection, but cannot exceed the port rate. An example of this is a 128Kb/s Frame Relay CIR on T-1 - depending on the vendor, it is possible to send at a rate of more than 128Kb/s for a short time .
A remote AppleTalk location access protocol for resources and data.
Show ip ospf neighbor to view neighbors (NeighborID is RouterID)
DNS Domain Name System (Domain Name System) is used to resolve host names to IP addresses.
=========================================================== ===============
login set login password when
1. Reduce the size of the routing table 2. Speed up the convergence 3. Limit the spread of LSA 4. Improve stability
DLCI: identifies the PVC 's . Only valid locally .
Datagram ( datagram ) as a network layer unit without the need to pre-establish virtual circuits and transmit them on the medium
CLR cell loss ratio (Cell Loss Ratio) ----- ATM ratio of discarded cells and cell successfully transmitted. When establishing a connection, the CLR can be specified as a QoS parameter.
Broadcast ( Broadcast ) ----- a data frame or packet transmitted to every node on the local network segment ( defined by the broadcast domain ). A broadcast is indicated by a broadcast address whose destination network and host address bits are all 1. Also known as "local broadcast". Compare directed broadcast.
The basis of word expression.
A working node gets information about the attached network. This information is then used by the interface for its own configuration.
Routing methods. The autonomous system is subdivided by region and must be assigned a separate 16 -digit number by IANA . See area .
The default route ( default route ) is used to guide the static routing table entry of the frame, and its next hop is not in
the alignmentError ( alignment error ) Ethernet The error occurring in the network, the received frame in which the additional
CDP timer (CDP timer ) By default, Cisco Discovery Protocol is transmitted to all router interfaces.
A random value selected by the BGP router when sending an OPEN message.
Adopt standard :
The designated router is in case of failure.
Endpoints ( endpoint ) see BGP neighbors .
Set a user password or authentication protocol
group. Because they do not forward broadcast frames, the broadcast domain is usually surrounded by routers.
Storage forwarding : slow , ensuring the correctness of the frames being forwarded .
=========================================================== ===================
1. Port-based implementation , static VLAN 2. Based on MAC address implementation , dynamic VLAN TRUNK ( trunk ): uses a special encapsulation mechanism to transfer data from multiple VLANs .
Show cdp neighbors to view CDP neighbors ( without IP)
Network devices ( such as routers, bridges or hubs ) efficacy. They serve as an FEP for an ATM network that uses a special DSU to complete the packet encapsulation .
End the Back ( back-end ) a front-end node to provide services or software programs. See server .
Dynamic NAT configuration
=========================================================== ===========
control direct VCC ( control direct VCC) ----- one of three control connections defined in Phase I LAN emulation: a bi-directional virtual control connection (VCC) established in ATM by a LEC to a LES. See control distribute VCC.
Need to create a neighbor relationship using multicast to perform route advertisement ( reliable ) own link state database ( network map ) using a corresponding algorithm , such as (SPF) to calculate the best route trigger update
active monitor ( activity monitor ) for Token Ring management mechanism. The highest MAC address on the ring
Ip route 4.0.0.0 255.0.0.0 s0
BDR backup designated router (Backup Designated Router) an OSPF network used to prepare
Autonomous switching (autonomous switching Cisco routers use ciscoBus to independently exchange system processing
Enable password Set the plaintext enable password
Cable Crossover ( crossover cable ) is connected to the switch switches, host-to-host, hub to hub
Protocol, which holds a wide range of file types and is defined in RFC 959 , see TFTP .
Extended IPX accesslist ( extended IPX access table ) through logical IPX address, network layer header
Standard access control list : Detect only the access control list of the source address extension : source address , destination address , protocol , port number
Holdtime CDP (CDP hold time ) routers to keep from neighboring routers received Cisco Discovery Protocol
Target : 172.16.3.1
Specify the idle IP of the address pool
=========================================================== ===============
The EIA/TIA-232 circuit indicates the state in which the DTE sends or receives data ready.
Designated router (DR , designated router ) creates an OSPF for the LSA for a multiaccess network
The process of packaging or inclusion. In the OSI reference model, when data flows down the protocol stack, each layer encapsulates its next layer.
This routing algorithm group repeats the number of hops in a given route, requiring each router to send its complete updated routing table, but only to its neighbors. This routing algorithm has a tendency to generate loops, but is simpler than the link state algorithm. See link-state routing algorithm and SPF .
Switchport trunk encapsulation dot1q need to choose which way [dot1q|isl]
switchport mode trunk change interface mode to trunk work mode
show interface trunk view current switch TRUNK configuration
B(config)#inte s 1
Frame-relay route 110 interface Serial1 120
Duplex Full ( full duplex ) ability to simultaneously transfer information between the transmitting and receiving stations, see
Address learning, forwarding filtering, etc. of the switch :
R14(config-if)#dialer-group 9
=========================================================== ===========
The path is activated on an analog modem.
End exit the interface
(PDU) Add header information. For example, in Internet terminology. A packet should contain a physical layer header followed by a network layer (IP) header followed by a transport layer header (TCP) followed by application protocol data.
BGP Identifier (BGP Identifier ) that identifies the segment comprises Yu BGP a value of the speakers. This is by
Protocol): A test of connectivity between two AppleTalk nodes, where one node sends a packet to another node and receives a response or copy in response.
-------------------------------------------------
Configure ACL to reject london to ping through Denver (1)
R14(config)#interface bri 0
Table or logical address table.
=========================================================== ===============
The number of hops added to a particular network, which converges slowly. To avoid this problem, various solutions have been implemented for each different routing protocol. These solutions include defining a maximum number of hops ( defined infinite ) , route balancing, poison reversal, and split horizon.
Packet .
Busy, a frame can be discarded. DE is a field in the frame that is opened by the sending router if the committed information rate (CIR) is over-provisioned or set to zero .
Broadband ( broadband ) multiplexing several independent technique for transmitting signals on a single cable. telecommunications
Communication between two ATM service users ( such as ATMM processes ) . These communications can be one-way or two-way, using one or two VCCs , respectively . See ATM layer and ATMM .
B(config)#inte s 1
=========================================================== ===============
Cheng.
=========================================================== ===============
ATMM was ATM management (ATM Management) in ATM a protocol running on the switch tube
=========================================================== ===============
VLAN features :
Frame-relay route 110 interface Serial1 120
Set of special character data link communication protocols. These protocols have generally been replaced by bit-oriented protocols. Compare the bit-oriented protocol . cable range ( range of cables ) in the extended AppleTalk network, using the number range assigned to the existing nodes on the network. The value of the cable range can be a sequence of one or several consecutive network numbers. Node addresses are determined by their cable range values.